Week in review: Western Digital network security incident, QNAP vulns, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Passbolt: Open-source password manager for security-conscious organizations …
Rilide browser extension steals MFA codes
Cryptocurrency thieves are targeting users of Chromium-based browsers – Google Chrome, Microsoft Edge, Brave Browser, and Opera – with an extension that steals …
Phishing emails from legit YouTube address hitting inboxes
Phishers are targeting YouTube content creators by leveraging the service’s Share Video by Email feature, which delivers the phishing email from an official YouTube …
April 2023 Patch Tuesday forecast: The vulnerability discovery race
The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex. There’ve been many articles …
New infosec products of the week: April 7, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Guardz, Malwarebytes, Obsidian Security, and Stamus Networks. Malwarebytes unveils …
Cyberthreats take a toll on IT teams’ work on other projects
93% of organizations find the execution of some essential security operation tasks, such as threat hunting, challenging, according to Sophos. IT professionals face challenging …
Outcome-based cybersecurity paves way for organizational goals
Organizations follow a reactive approach to cybersecurity which is stifling their progress in demonstrating value and aligning with business outcomes, according to WithSecure. …
Companies carry unquantified levels of risk due to current network security approaches
40% of senior cybersecurity decision makers effectively prioritize risks to Payment Card Industry Data Security Standard (PCI DSS) 4.0 compliance, according to Titania. The …
Rorschach ransomware deployed by misusing a security tool
An unbranded ransomware strain that recently hit a US-based company is being deployed by attackers who are misusing a tool included in a commercial security product, Check …
Google Play apps will allow users to initiate in-app account deletion
Google Play will be pushing Android app developers to allow users to delete their account and associated data from within the app. Users will also be given the option to only …
Resecurity uncovers STYX, new cybercriminal platform focused on financial fraud
Resecurity has recently identified the STYX Innovation Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. …
IT and security pros pressured to keep quiet about data breaches
Organizations globally are under tremendous pressure to address evolving threats like ransomware, zero-day vulnerabilities, and espionage, and they face challenges in …
Featured news
Resources
Don't miss
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades